We performed a comparison between Microsoft Defender For Endpoint and Sophos Intercept X based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos Intercept X comes out on top. While the Microsoft Defender For Endpoint solution is good, it lacks in certain areas that Sophos Intercept X don’t have to worry about. Overall, users of Sophos Intercept X have mainly positive feedback on the product, agreeing that its set of features is excellent.
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The setup is pretty simple."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"A valuable feature offered by Sophos is called Naked Security, and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client."
"There do not seem to be any limitations to the scalability of this product."
"The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer."
"This is really good because it's applicable to zero-day threats."
"The most effective features of Intercept X Endpoint for threat prevention are ransomware protection, miscellaneous behavior detection, and network threat protection."
"It is stable."
"The security on offer is pretty good. We are happy with it."
"It does its job — it protects us from viruses. We don't really interact with it very much."
"The most valuable feature is that we can use the solution right out of the box without too much configuration."
"The best part is that it is built into Windows, whether it is a server base or a desktop base, which gives more control over the operating system. Because Defender, the operating system, and the Office solution are by Microsoft, everything is working like hand-in-glove. Its administrative overhead is less because a desktop user has already got some experience of how to handle a Microsoft Defender notification or administer it."
"It is stable and easy to use. Everything is okay, and there are no performance issues."
"This product is flexible, and it is very easy to get updates from the Microsoft website."
"The best thing I like about it is its interaction with the other Defender products. It provides the ability to push telemetry up. It gives me endpoint visibility and allows me to take automated actions."
"It's a very solid security system, and the advanced hunting and everything really lets you dive deep into things."
"Defender is stable. The performance is good."
"The most important and the most relevant features of Defender for Endpoint are the malware and ransomware protection."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The support needs improvement."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The only minor concern is occasional interference with desired programs."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"When there is an event generated by either the firewall or Intercept X, and the originating IP address is the same, these should be merged into a single event rather than two."
"It's a bit heavy on the computers. So once you install it, the computer slows down. It is a resource-intensive solution."
"Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
"Sophos needs to create a YouTube channel with educational material for technicians or engineers."
"There should be a report including a flowchart or diagram. It will be useful to evaluate the software’s effectiveness."
"It should offer better security updates."
"The ADR functionalities feel like they aren't mature enough. It hasn't been a long time since Sophos has offered reproduction. Due to the fact that it's so young, it has fewer functionalities than other and more mature ADR solutions."
"The technical support is the lone sore-point when dealing with this product."
"The user interface could use some improvement."
"Microsoft Defender in the basic form is not very useful for managing the security environment. The free version is not capable of covering the needs of centralized management, EDR, and behavioral analysis. If you don't have the commercial version, you can't have centralized management and set up the policies and other things. Each client is a standalone installation, which is not useful for security in an enterprise model."
"The automation could be simpler on the mitigation side. It has a learning curve. Otherwise, it's pretty easy."
"The solution has minimal customization options, especially compared to Mandiant, so we want to see more scope for customization. A single portal for customization would also be a welcome addition."
"Microsoft Defender for Endpoint can use more advertising to promote their features."
"I have accounts for administrators and corporate employees, but I also have accounts for students. I can't split these types of accounts. I need a separate configuration for both... I need to research how I can get alerts for only the administrative machines."
"More integration with different platforms is an area for improvement for this product, and should be included in its next release."
"The UI for Microsoft Defender for Endpoint needs to be better. Integration with client dashboards is also lacking in this product, e.g. client dashboards shouldn't just be viewable from the cloud, because when the client's computer is offline, you won't be able to see the client dashboard."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Intercept X Endpoint is rated 8.4, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Intercept X Endpoint is most compared with CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete, Fortinet FortiClient and Seqrite Endpoint Security, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, CrowdStrike Falcon, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Fortinet FortiClient. See our Intercept X Endpoint vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.